ModSecurity is a potent web application layer firewall for Apache web servers. It monitors the entire HTTP traffic to a website without affecting its overall performance and in case it detects an intrusion attempt, it blocks it. The firewall also maintains a more detailed log for the site visitors than any web server does, so you shall manage to keep an eye on what's going on with your Internet sites better than if you rely only on conventional logs. ModSecurity employs security rules based on which it stops attacks. For example, it detects whether someone is trying to log in to the admin area of a particular script multiple times or if a request is sent to execute a file with a particular command. In these circumstances these attempts trigger the corresponding rules and the firewall hinders the attempts immediately, after that records comprehensive details about them in its logs. ModSecurity is amongst the most effective software firewalls out there and it can easily protect your web apps against many threats and vulnerabilities, particularly if you don’t update them or their plugins regularly.
ModSecurity in Cloud Hosting
ModSecurity is offered with every single cloud hosting
solution which we offer and it is switched on by default for any domain or subdomain that you add through your Hepsia Control Panel. In the event that it disrupts any of your applications or you'd like to disable it for whatever reason, you shall be able to do that through the ModSecurity area of Hepsia with just a mouse click. You could also use a passive mode, so the firewall will discover possible attacks and maintain a log, but won't take any action. You could see comprehensive logs in the same section, including the IP where the attack originated from, what precisely the attacker attempted to do and at what time, what ModSecurity did, and so on. For max safety of our clients we use a group of commercial firewall rules mixed with custom ones that are provided by our system administrators.
ModSecurity in Semi-dedicated Hosting
We've integrated ModSecurity as a standard inside all semi-dedicated hosting
packages, so your web apps will be protected whenever you install them under any domain or subdomain. The Hepsia CP which comes with the semi-dedicated accounts will allow you to switch on or disable the firewall for any site with a mouse click. You shall also have the ability to activate a passive detection mode in which ModSecurity will keep a log of potential attacks without actually stopping them. The thorough logs include the nature of the attack and what ModSecurity response that attack generated, where it originated from, and so on. The list of rules we employ is frequently updated in order to match any new threats which may appear on the Internet and it consists of both commercial rules that we get from a security corporation and custom-written ones that our admins add in case they discover a threat which is not present within the commercial list yet.
ModSecurity in VPS
All virtual private servers
which are provided with the Hepsia Control Panel feature ModSecurity. The firewall is set up and activated by default for all domains which are hosted on the web server, so there will not be anything special that you shall have to do to protect your Internet sites. It shall take you just a mouse click to stop ModSecurity if necessary or to activate its passive mode so that it records what happens without taking any actions to stop intrusions. You will be able to look at the logs produced in passive or active mode via the corresponding section of Hepsia and find out more about the type of the attack, where it originated from, what rule the firewall used to handle it, etcetera. We employ a mixture of commercial and custom rules in order to make sure that ModSecurity shall block as many risks as possible, consequently boosting the security of your web apps as much as possible.
ModSecurity in Dedicated Hosting
ModSecurity is available as standard with all dedicated servers
that are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain that you host or subdomain that you create on the web server. In the event that a web app doesn't work adequately, you could either turn off the firewall or set it to work in passive mode. The second means that ModSecurity will keep a log of any possible attack that may happen, but will not take any action to stop it. The logs created in passive or active mode will give you more details about the exact file that was attacked, the form of the attack and the IP it originated from, etcetera. This information shall enable you to decide what actions you can take to enhance the safety of your websites, including blocking IPs or performing script and plugin updates. The ModSecurity rules we use are updated constantly with a commercial package from a third-party security firm we work with, but sometimes our administrators include their own rules as well in the event that they identify a new potential threat.